Web Application Firewall Concepts

Written on November 13, 2012 by Jerson

1. Use Cases
   1. Web intrusion detection and prevention
   2. Continuous Security Assessment
   3. Virtual (or just-in-time) patching
   4. HTTP traffic logging and monitoring
   5. Network building blocks
   6. Web application hardening
2. Deployment models
   1. Inline
   2. Out of line
   3. Embedded
3. Data Model
   1. Model construction
   2. Persisting information across requests
   3. Distinguishing sessions
   4. Distinguishing users
4. Analysis Model
   1. Negative security
   2. Positive security
   3. Anomaly scoring
   4. Learning
   5. Evasion
   6. Impedance mismatch
5. Traffic logging
6. Special protection techniques
   1. Cookie protection
   2. Cross-Site Request Forgery
   3. Brute force attacks
   4. Denial of Service attacks
   5. PDF UXSS protection
